ZyXEL Prestige routers, including P-660, P-661, and P-662 models with firmware 3.40(AGD.2) up to and including 3.40(AHQ.3), allow remote authenticated users to obtain authentication data by making direct HTTP requests and then reading the HTML source, as demonstrated by a request for (1) RemMagSNMP.html, which discloses SNMP communities; or (2) WLAN.html, which discloses WEP keys.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zyxel prestige 661 hw-d1 |
||
zyxel zynos 3.40 |
||
zyxel prestige 660 h-d1 |
||
zyxel prestige 660 h-d3 |